On Nov 7, 2012, at 6:14 PM, Christopher Morrow wrote: > On Wed, Nov 7, 2012 at 6:08 PM, Eric Osterweil <[email protected]> > wrote: > >> Right, but did anyone who was involved in remediating that Moratel leak say, >> ``we're all set, I can see the path of the leak, it's miller time!''? I'm >> pretty >> sure verifying the leak is not the same as remediating it. > > but today we're stuck 'verifying' by the fact of: "joe user says the > internet gone bye-bye"
Uhh, point of order, I believe there would be a belch in there somewhere? ;) > again: What methodology or tool or data or ... would you use (and how) > to determine if the route you see is a 'leak' or not? This is where my record get's stuck, can we put this in the threats and requirements doc? I suspect there are a lot of ways people could suggest we address these problems, but as of now, (as a valid security threat) it's essentially outlawed by the threats document. If people spend a lot of time addressing this security problem, the result could be dismissed as not being in-scope. Why begin pushing on ideas if that is their fate? Eric _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
